Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/t__ihGH7DRpxa18TJU5IktSWqFs.roa
File: t__ihGH7DRpxa18TJU5IktSWqFs.roa (raw, json)
Hash identifier: Wqb1ZQadtXDue+B7TxWlaLEXvz7GZeISG+m3E1CXCu0=
Subject key identifier: B7:FF:E2:84:61:FB:0D:1A:71:6B:5F:13:25:4E:48:92:D4:96:A8:5B
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 018BA629256F377C7B32B8888F580B258212
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/t__ihGH7DRpxa18TJU5IktSWqFs.roa
Signing time: Mon 06 Nov 2023 19:43:16 +0000
ROA not before: Mon 06 Nov 2023 19:43:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43180
IP address blocks: 45.12.0.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
45.12.1.0/24 maxlen: 24
45.11.57.0/24 maxlen: 24
194.42.204.0/24 maxlen: 24
195.66.210.0/24 maxlen: 24
176.119.31.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
195.128.248.0/23 maxlen: 24
2a09:2dc2::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 28 Dec 2023 13:22:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a6:29:25:6f:37:7c:7b:32:b8:88:8f:58:0b:25:82:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Nov 6 19:43:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7ffe28461fb0d1a716b5f13254e4892d496a85b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f6:45:64:3c:0e:b9:62:14:f9:fc:49:8f:3d:
17:24:d4:3e:cd:b6:f6:7f:18:94:1f:f4:c6:3d:5a:
f4:52:2a:0f:44:df:ed:b2:19:25:02:38:ba:8e:5c:
67:a5:25:27:98:ae:a9:93:b1:29:c3:15:aa:fc:06:
2a:8f:7f:e8:5c:40:18:a6:00:fc:aa:4f:6d:73:44:
39:cf:90:6e:26:1c:9e:e9:95:96:37:95:30:7b:ab:
88:7d:96:d9:36:3b:19:d6:e4:a9:f0:8a:8a:97:e2:
2a:f7:5f:87:c3:5c:c0:08:04:ed:6a:4a:87:7e:a6:
cd:b8:ea:01:29:f0:83:43:c6:f0:e3:6f:51:33:38:
c5:77:3c:67:a7:fe:59:e3:98:a0:85:7e:c5:96:24:
4e:5a:43:c7:19:b8:29:c3:49:df:01:a8:e4:03:60:
ac:2b:ec:ac:59:4a:ff:f4:22:3e:36:1f:82:bd:54:
fe:67:7a:69:ad:ef:41:cf:9f:c9:9c:f2:33:19:6b:
0d:45:ac:4d:7e:80:bb:62:26:47:0a:06:39:27:09:
a8:be:9c:95:94:fc:b1:20:63:de:15:7a:e0:f4:ab:
e7:64:d5:a4:48:0f:b1:bf:92:b3:6e:0a:2b:fe:ed:
07:a2:62:8b:fd:1c:73:39:5c:f9:fc:9f:59:a9:e9:
8f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:FF:E2:84:61:FB:0D:1A:71:6B:5F:13:25:4E:48:92:D4:96:A8:5B
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/t__ihGH7DRpxa18TJU5IktSWqFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.57.0/24
45.12.0.0/23
45.12.3.0/24
91.208.115.0/24
176.119.31.0/24
185.254.199.0/24
194.42.204.0/24
195.66.210.0/24
195.128.248.0/23
IPv6:
2a09:2dc2::/32
Signature Algorithm: sha256WithRSAEncryption
84:ee:eb:fa:f8:53:af:00:8c:ed:be:74:b5:e3:e1:06:08:69:
c1:9a:d1:63:84:2e:a1:46:c0:d6:20:39:50:b8:73:27:6a:66:
51:f0:50:e8:bf:e4:0f:44:c1:6c:e8:74:8e:a1:0e:d4:19:9c:
a6:8d:3f:eb:18:05:fd:9b:83:06:56:b9:34:68:e6:5c:f2:7e:
fd:ea:ae:d5:be:59:52:3e:02:9d:d9:c2:6d:8c:93:b5:66:c6:
b2:20:ae:1e:e4:03:d6:1f:50:ba:bd:35:63:6d:e2:f5:46:05:
d4:d3:ed:6a:bf:bd:dc:b9:6f:fe:98:42:f8:d8:76:94:61:d4:
43:3d:fe:dd:dd:9e:b0:c0:3b:3d:f7:7a:02:6c:6e:8b:cc:d9:
d0:77:e5:e7:89:e5:75:5b:07:11:30:86:d5:c6:fe:2b:13:76:
ad:a8:69:7e:94:e6:19:fd:7d:75:ea:be:50:8b:d1:0e:ec:92:
ca:1e:f6:fa:46:84:a2:f4:b6:9a:2a:07:7f:e6:ea:79:92:fd:
2b:4c:f4:f3:a5:e7:d7:9c:81:bc:a0:3c:15:97:64:8d:e3:f4:
f7:ab:d4:bf:8e:27:ec:76:f3:c4:2c:11:68:c2:33:01:cd:a1:
b3:5b:ce:fb:a6:76:6f:c0:e4:7b:49:4b:9b:f8:17:1a:da:8c:
15:34:37:22
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYumKSVvN3x7MriIj1gLJYISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjMxMTA2MTk0MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2ZmZTI4NDYxZmIwZDFhNzE2YjVmMTMyNTRlNDg5MmQ0OTZhODViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvZFZDwOuWIU+fxJjz0XJNQ+zbb2
fxiUH/TGPVr0UioPRN/tshklAji6jlxnpSUnmK6pk7EpwxWq/AYqj3/oXEAYpgD8
qk9tc0Q5z5BuJhye6ZWWN5Uwe6uIfZbZNjsZ1uSp8IqKl+Iq91+Hw1zACATtakqH
fqbNuOoBKfCDQ8bw429RMzjFdzxnp/5Z45ighX7FliROWkPHGbgpw0nfAajkA2Cs
K+ysWUr/9CI+Nh+CvVT+Z3ppre9Bz5/JnPIzGWsNRaxNfoC7YiZHCgY5JwmovpyV
lPyxIGPeFXrg9KvnZNWkSA+xv5Kzbgor/u0HomKL/RxzOVz5/J9ZqemPaQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFLf/4oRh+w0acWtfEyVOSJLUlqhbMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvdF9faWhHSDdEUnB4YTE4VEpVNUlrdFNXcUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQALQs5AwQB
LQwAAwQALQwDAwQAW9BzAwQAsHcfAwQAuf7HAwQAwirMAwQAw0LSAwQBw4D4MA0E
AgACMAcDBQAqCS3CMA0GCSqGSIb3DQEBCwUAA4IBAQCE7uv6+FOvAIztvnS14+EG
CGnBmtFjhC6hRsDWIDlQuHMnamZR8FDov+QPRMFs6HSOoQ7UGZymjT/rGAX9m4MG
Vrk0aOZc8n796q7VvllSPgKd2cJtjJO1ZsayIK4e5APWH1C6vTVjbeL1RgXU0+1q
v73cuW/+mEL42HaUYdRDPf7d3Z6wwDs993oCbG6LzNnQd+XnieV1WwcRMIbVxv4r
E3atqGl+lOYZ/X116r5Qi9EO7JLKHvb6RoSi9LaaKgd/5up5kv0rTPTzpefXnIG8
oDwVl2SN4/T3q9S/jifsdvPELBFowjMBzaGzW877pnZvwOR7SUub+Bca2owVNDci
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org